Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-29504

AddressSanitizer: heap-use-after-free storage/innobase/lock/lock0lock.cc:3558 in lock_table

    XMLWordPrintable

Details

    Description

      origin/10.6 8ff10969996a5349e906fab44b45c6e3ec53eea0 2022-08-24T17:06:57+03:00
      Build with RelWithDebInfo, ASAN, InnoBD with -O0 other stuff mostly -O2
       
      The RQG test fiddles with FOREIGN KEYs.
       
      # 2022-08-29T12:28:42 [2696739] | ==2700042==ERROR: AddressSanitizer: heap-use-after-free on address 0x616001114f18 at pc 0x55858daec68b bp 0x7fb8b7a9b960 sp 0x7fb8b7a9b950
      # 2022-08-29T12:28:42 [2696739] | READ of size 8 at 0x616001114f18 thread T21
      # 2022-08-29T12:28:42 [2696739] |     #0 0x55858daec68a in lock_table(dict_table_t*, dict_table_t* const*, lock_mode, que_thr_t*) /data/Server/10.6B/storage/innobase/lock/lock0lock.cc:3558
      # 2022-08-29T12:28:42 [2696739] |     #1 0x55858dc1f3ef in row_ins_check_foreign_constraint(unsigned long, dict_foreign_t*, dict_table_t*, dtuple_t*, que_thr_t*) /data/Server/10.6B/storage/innobase/row/row0ins.cc:1557
      # 2022-08-29T12:28:42 [2696739] |     #2 0x55858dca9375 in row_upd_check_references_constraints /data/Server/10.6B/storage/innobase/row/row0upd.cc:252
      # 2022-08-29T12:28:42 [2696739] |     #3 0x55858dcb29a9 in row_upd_del_mark_clust_rec /data/Server/10.6B/storage/innobase/row/row0upd.cc:2535
      # 2022-08-29T12:28:42 [2696739] |     #4 0x55858dcb32de in row_upd_clust_step /data/Server/10.6B/storage/innobase/row/row0upd.cc:2669
      # 2022-08-29T12:28:42 [2696739] |     #5 0x55858dcb3b3a in row_upd /data/Server/10.6B/storage/innobase/row/row0upd.cc:2791
      # 2022-08-29T12:28:42 [2696739] |     #6 0x55858dcb42a2 in row_upd_step(que_thr_t*) /data/Server/10.6B/storage/innobase/row/row0upd.cc:2933
      # 2022-08-29T12:28:42 [2696739] |     #7 0x55858dc54b71 in row_update_for_mysql(row_prebuilt_t*) /data/Server/10.6B/storage/innobase/row/row0mysql.cc:1695
      # 2022-08-29T12:28:42 [2696739] |     #8 0x55858d9c9f57 in ha_innobase::delete_row(unsigned char const*) /data/Server/10.6B/storage/innobase/handler/ha_innodb.cc:8786
      # 2022-08-29T12:28:42 [2696739] |     #9 0x55858d10b5da in handler::ha_delete_row(unsigned char const*) /data/Server/10.6B/sql/handler.cc:7714
      # 2022-08-29T12:28:42 [2696739] |     #10 0x55858d636764 in mysql_delete(THD*, TABLE_LIST*, Item*, SQL_I_List<st_order>*, unsigned long long, unsigned long long, select_result*) /data/Server/10.6B/sql/sql_delete.cc:830
      # 2022-08-29T12:28:42 [2696739] |     #11 0x55858c99f210 in mysql_execute_command(THD*, bool) /data/Server/10.6B/sql/sql_parse.cc:4807
      # 2022-08-29T12:28:42 [2696739] |     #12 0x55858c962e2a in mysql_parse(THD*, char*, unsigned int, Parser_state*) /data/Server/10.6B/sql/sql_parse.cc:8030
      # 2022-08-29T12:28:42 [2696739] |     #13 0x55858c962e2a in mysql_parse(THD*, char*, unsigned int, Parser_state*) /data/Server/10.6B/sql/sql_parse.cc:7952
      # 2022-08-29T12:28:42 [2696739] |     #14 0x55858c98de91 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) /data/Server/10.6B/sql/sql_parse.cc:1896
      # 2022-08-29T12:28:42 [2696739] |     #15 0x55858c9942a2 in do_command(THD*, bool) /data/Server/10.6B/sql/sql_parse.cc:1409
      # 2022-08-29T12:28:42 [2696739] |     #16 0x55858cd330d3 in do_handle_one_connection(CONNECT*, bool) /data/Server/10.6B/sql/sql_connect.cc:1418
      # 2022-08-29T12:28:42 [2696739] |     #17 0x55858cd338dc in handle_one_connection /data/Server/10.6B/sql/sql_connect.cc:1312
      # 2022-08-29T12:28:42 [2696739] |     #18 0x7fb8e9c5c608 in start_thread /build/glibc-eX1tMB/glibc-2.31/nptl/pthread_create.c:477
      # 2022-08-29T12:28:42 [2696739] |     #19 0x7fb8e982f292 in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x122292)
      ...
      Query (0x62b000126238): DELETE FROM parent WHERE a = 3 /* E_R Thread2 QNO 43346 CON_ID 17 */
      Status: NOT_KILLED
       
      ssh pluto
      gdb -c /data/results/1661771621/TBR-1589/1/data/core /data/Server_bin/10.6B_asan_O2_O0/bin/mysqld
      #10 0x00007fb8e9ecc1ab in __asan_report_load8 ()
         from /lib/x86_64-linux-gnu/libasan.so.5
      #11 0x000055858daec68b in lock_table (table=0x61700004cd70, 
          fktable=0x616001114f18, mode=LOCK_IS, thr=0x624000214170)
          at /data/Server/10.6B/storage/innobase/lock/lock0lock.cc:3558
      #12 0x000055858dc1f3f0 in row_ins_check_foreign_constraint (check_ref=0, 
          foreign=0x616001114ef0, table=0x617000168c70, entry=0x61600121ae10, 
          thr=0x624000214170)
      (gdb) p table.name
      $2 = {m_name = 0x6170000c3280 "\023", static part_suffix = "#P#"}
       
      # GIT_SHOW: HEAD -> experimental, origin/experimental 32e1b1a96b072f6a71c564d3e2d50d9cf2fb3561 2022-08-24T17:04:19+02:00
      # rqg.pl  : Version 4.0.6 (2022-05)
      #
      # $RQG_HOME/rqg.pl \
      # --gendata=conf/mariadb/fk_truncate.zz \
      # --grammar=conf/mariadb/fk_truncate.yy \
      # --mysqld=--loose-innodb_lock_schedule_algorithm=fcfs \
      # --mysqld=--loose-idle_write_transaction_timeout=0 \
      # --mysqld=--loose-idle_transaction_timeout=0 \
      # --mysqld=--loose-idle_readonly_transaction_timeout=0 \
      # --mysqld=--connect_timeout=60 \
      # --mysqld=--interactive_timeout=28800 \
      # --mysqld=--slave_net_timeout=60 \
      # --mysqld=--net_read_timeout=30 \
      # --mysqld=--net_write_timeout=60 \
      # --mysqld=--loose-table_lock_wait_timeout=50 \
      # --mysqld=--wait_timeout=28800 \
      # --mysqld=--lock-wait-timeout=86400 \
      # --mysqld=--innodb-lock-wait-timeout=50 \
      # --no-mask \
      # --queries=10000000 \
      # --seed=random \
      # --reporters=Backtrace \
      # --reporters=ErrorLog \
      # --reporters=Deadlock1 \
      # --validators=None \
      # --mysqld=--log_output=none \
      # --mysqld=--log_bin_trust_function_creators=1 \
      # --mysqld=--loose-debug_assert_on_not_freed_memory=0 \
      # --engine=InnoDB \
      # --restart_timeout=240 \
      # --mysqld=--plugin-load-add=file_key_management.so \
      # --mysqld=--loose-file-key-management-filename=$RQG_HOME/conf/mariadb/encryption_keys.txt \
      # --mysqld=--plugin-load-add=provider_lzo.so \
      # --mysqld=--plugin-load-add=provider_bzip2.so \
      # --mysqld=--plugin-load-add=provider_lzma.so \
      # --mysqld=--plugin-load-add=provider_snappy.so \
      # --mysqld=--plugin-load-add=provider_lz4.so \
      # --duration=300 \
      # --mysqld=--loose-innodb_fatal_semaphore_wait_threshold=300 \
      # --mysqld=--innodb_file_per_table=0 \
      # --mysqld=--loose-innodb_read_only_compressed=OFF \
      # --mysqld=--loose-innodb-sync-debug \
      # --mysqld=--innodb_stats_persistent=off \
      # --mysqld=--innodb_adaptive_hash_index=on \
      # --mysqld=--log-bin \
      # --mysqld=--sync-binlog=1 \
      # --mysqld=--loose-innodb_evict_tables_on_commit_debug=off \
      # --mysqld=--loose-max-statement-time=30 \
      # --threads=2 \
      # --mysqld=--innodb_use_native_aio=1 \
      # --mysqld=--loose_innodb_change_buffering=changes \
      # --mysqld=--innodb_rollback_on_timeout=OFF \
      # --vardir_type=fast \
      # --mysqld=--innodb_page_size=64K \
      # --mysqld=--innodb-buffer-pool-size=256M \
      # <local settings>
      
      

      Attachments

        1. TBR-1600.zz
          1 kB
        2. TBR-1600.yy
          0.7 kB
        3. TBR-1600.cfg
          45 kB

        Issue Links

          Activity

            People

              marko Marko Mäkelä
              mleich Matthias Leich
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.